Chris@0: adminUser = $this->drupalCreateUser(['administer site configuration', 'access administration pages', 'access site reports']); Chris@0: $this->drupalLogin($this->adminUser); Chris@0: Chris@0: $this->webUser = $this->drupalCreateUser(); Chris@0: } Chris@0: Chris@0: /** Chris@0: * Tests rebuilding the node access permissions table with content. Chris@0: */ Chris@0: public function testNodeAccessRebuildNodeGrants() { Chris@0: \Drupal::service('module_installer')->install(['node_access_test']); Chris@0: \Drupal::state()->set('node_access_test.private', TRUE); Chris@0: node_access_test_add_field(NodeType::load('page')); Chris@0: $this->resetAll(); Chris@0: Chris@0: // Create 30 nodes so that _node_access_rebuild_batch_operation() has to run Chris@0: // more than once. Chris@0: for ($i = 0; $i < 30; $i++) { Chris@0: $nodes[] = $this->drupalCreateNode([ Chris@0: 'uid' => $this->webUser->id(), Chris@17: 'private' => [['value' => 1]], Chris@0: ]); Chris@0: } Chris@0: Chris@0: /** @var \Drupal\node\NodeGrantDatabaseStorageInterface $grant_storage */ Chris@0: $grant_storage = \Drupal::service('node.grant_storage'); Chris@0: // Default realm access and node records are present. Chris@0: foreach ($nodes as $node) { Chris@0: $this->assertTrue($node->private->value); Chris@0: $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the node author.'); Chris@0: $this->assertTrue($grant_storage->access($node, 'view', $this->adminUser)->isAllowed(), 'Prior to rebuilding node access the grant storage returns allowed for the admin user.'); Chris@0: } Chris@0: Chris@0: $this->assertEqual(1, \Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is an all realm access record'); Chris@0: $this->assertTrue(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt'); Chris@0: Chris@0: // Rebuild permissions. Chris@0: $this->drupalGet('admin/reports/status'); Chris@0: $this->clickLink(t('Rebuild permissions')); Chris@0: $this->drupalPostForm(NULL, [], t('Rebuild permissions')); Chris@0: $this->assertText(t('The content access permissions have been rebuilt.')); Chris@0: Chris@0: // Test if the rebuild by user that cannot bypass node access and does not Chris@0: // have access to the nodes has been successful. Chris@0: $this->assertFalse($this->adminUser->hasPermission('bypass node access')); Chris@0: $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt'); Chris@0: foreach ($nodes as $node) { Chris@0: $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.'); Chris@0: $this->assertFalse($grant_storage->access($node, 'view', $this->adminUser)->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.'); Chris@0: } Chris@0: $this->assertFalse(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record'); Chris@0: Chris@0: // Test an anonymous node access rebuild from code. Chris@0: $this->drupalLogout(); Chris@0: node_access_rebuild(); Chris@0: foreach ($nodes as $node) { Chris@0: $this->assertTrue($grant_storage->access($node, 'view', $this->webUser)->isAllowed(), 'After rebuilding node access the grant storage returns allowed for the node author.'); Chris@0: $this->assertFalse($grant_storage->access($node, 'view', $this->adminUser)->isForbidden(), 'After rebuilding node access the grant storage returns forbidden for the admin user.'); Chris@0: } Chris@0: $this->assertFalse(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record'); Chris@0: } Chris@0: Chris@0: /** Chris@0: * Tests rebuilding the node access permissions table with no content. Chris@0: */ Chris@0: public function testNodeAccessRebuildNoAccessModules() { Chris@0: // Default realm access is present. Chris@0: $this->assertEqual(1, \Drupal::service('node.grant_storage')->count(), 'There is an all realm access record'); Chris@0: Chris@0: // No need to rebuild permissions. Chris@0: $this->assertFalse(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt'); Chris@0: Chris@0: // Rebuild permissions. Chris@0: $this->drupalGet('admin/reports/status'); Chris@0: $this->clickLink(t('Rebuild permissions')); Chris@0: $this->drupalPostForm(NULL, [], t('Rebuild permissions')); Chris@0: $this->assertText(t('Content permissions have been rebuilt.')); Chris@0: $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt'); Chris@0: Chris@0: // Default realm access is still present. Chris@0: $this->assertEqual(1, \Drupal::service('node.grant_storage')->count(), 'There is an all realm access record'); Chris@0: } Chris@0: Chris@0: }